The present disclosure provides an authorization authentication method, apparatus and system. The method includes: after a biological limb enters a preset range of a first device, establishing by the first device a communication connection with a second device via the biological limb; receiving by the first device information to be authorized transmitted by the second device through the communication connection, in which the information to be authorized includes digital authentication information; collecting by the first device biological characteristic information of the biological limb within a duration in which the biological limb enters the preset range of the first device; and acquiring by the first device an authentication result of authentication of the digital authentication information and the biological characteristic information, and performing an authorization operation by the first device when the authentication result of the authentication of the digital authentication information and the biological characteristic information is passing the authentication.
Legal claims defining the scope of protection, as filed with the USPTO.
1. An authorization authentication method, comprising: after a biological limb enters a preset range of a first device, establishing by the first device a communication connection with a second device via the biological limb; receiving by the first device information to be authorized transmitted by the second device through the communication connection, wherein the information to be authorized comprises digital authentication information; collecting by the first device biological characteristic information of the biological limb within a duration in which the biological limb enters the preset range of the first device; and acquiring by the first device an authentication result of authentication of the digital authentication information and the biological characteristic information, and performing an authorization operation by the first device when the authentication result of the authentication of the digital authentication information and the biological characteristic information is passing the authentication; wherein the information to be authorized further comprises identification information, and acquiring by the first device the authentication result of the authentication of the digital authentication information and the biological characteristic information comprises: obtaining authentication factor and biological characteristic verification information corresponding to the identification information; performing digital authentication on the digital authentication information by using the authentication factor and detecting a matching ratio between the biological characteristic verification information and the biological characteristic information; and determining that the authentication result passes the authentication when the digital authentication information passes the digital authentication and the matching ratio is greater than a preset value; wherein performing the digital authentication on the digital authentication information by using the authentication factor comprises: when the digital authentication information comprises a MAC value calculated by using a symmetric key, and the authentication factor comprises the symmetric key for calculating the MAC value, calculating a MAC check value by using the symmetric key and verifying the MAC value and the MAC check value; or when the digital authentication information comprises a dynamic password generated by using a seed key, and the authentication factor comprises the seed key for verifying the dynamic password, performing the verification on the dynamic password by using the seed key.
2. The method according to claim 1 , wherein, the biological characteristic information comprises fingerprint information and/or vein information; collecting the biological characteristic information of the biological limb by the first device comprises: in a case that the biological limb is in contact with the first device, collecting by the first device the biological characteristic information of a contact part of the biological limb in contact with the first device.
3. The method according to claim 1 , wherein, acquiring by the first device the authentication result of the authentication of the digital authentication information and the biological characteristic information comprises: transmitting the biological characteristic information and the digital authentication information to a background by the first device; receiving the authentication result transmitted from the background by the first device, in which, the authentication result is obtained by the background performing the authentication on the digital authentication information and the biological characteristic information.
4. The method according to claim 1 , wherein, the preset value is lower than a specific threshold value, in which, the specific threshold value is a matching ratio indicating that two biological characteristic information is same.
5. The method according to claim 1 , wherein performing the digital authentication on the digital authentication information by using the authentication factor and detecting the matching ratio between the biological characteristic verification information and the biological characteristic information comprises: performing the authentication on the digital authentication information by using the authentication factor, and when the digital authentication information passes the authentication, determining whether the matching ratio between the biological characteristic information and the biological characteristic verification information is greater than the preset value; or determining whether the matching ratio between the biological characteristic information and the biological characteristic verification information is greater than the preset value, and when the matching ratio between the biological characteristic information and the biological characteristic verification information is greater than the preset value, performing the authentication on the digital authentication information by using the authentication factor.
6. An authorization authentication apparatus, comprising: a hardware processor; and a memory, configured to store instructions executable by the hardware processor, wherein, the hardware processor is configured to: establish a communication connection with an identify recognition apparatus via a biological limb after the biological limb enters a preset range of the authorization authentication apparatus; receive information to be authorized transmitted by the identify recognition apparatus through the communication connection, wherein the information to be authorized comprises digital authentication information; collect biological characteristic information of the biological limb within a duration in which the biological limb enters the preset range of the authorization authentication apparatus; and acquire an authentication result of authentication of the digital authentication information and the biological characteristic information, and perform an authorization operation when the authentication result of the authentication of the digital authentication information and the biological characteristic information is passing the authentication; wherein the information to be authorized further comprises identification information, and the hardware processor is configured to: obtain authentication factor and biological characteristic verification information corresponding to the identification information; perform digital authentication on the digital authentication information by using the authentication factor and detecting a matching ratio between the biological characteristic verification information and the biological characteristic information; and determining that the authentication result passes the authentication when the digital authentication information passes the digital authentication and the matching ratio is greater than a preset value; wherein the processor is further configured to: when the digital authentication information comprises a MAC value calculated by using a symmetric key, and the authentication factor comprises the symmetric key for calculating the MAC value, calculate a MAC check value by using the symmetric key and verify the MAC value and the MAC check value; and/or when the digital authentication information comprises a dynamic password generated by using a seed key, and the authentication factor comprises the seed key for verifying the dynamic password, perform the verification on the dynamic password by using the seed key.
7. The apparatus according to claim 6 , wherein, the biological characteristic information comprises fingerprint information and/or vein information; the hardware processor is configured to, in a case that the biological limb is in contact with the authorization authentication apparatus, collect the biological characteristic information of a contact part of the biological limb in contact with the authorization authentication apparatus.
8. The apparatus according to claim 6 , wherein, the hardware processor is configured to transmit the biological characteristic information and the digital authentication information to a background, and receive the authentication result transmitted by the background, in which, the authentication result is obtained by the background performing the authentication on the digital authentication information and the biological characteristic information.
9. The apparatus according to claim 6 , wherein, the preset value is lower than a specific threshold value, in which, the specific threshold value is a matching ratio indicating that two biological characteristic information is same.
10. The apparatus according to claim 6 , wherein the processor is configured to: perform the authentication on the digital authentication information by using the authentication factor, and when the digital authentication information passes the authentication, determine whether the matching ratio between the biological characteristic information and the biological characteristic verification information is greater than the preset value; or determine whether the matching ratio between the biological characteristic information and the biological characteristic verification information is greater than the preset value, and when the matching ratio between the biological characteristic information and the biological characteristic verification information is greater than the preset value, perform the authentication on the digital authentication information by using the authentication factor.
11. An authorization authentication system, comprising an identify recognition apparatus and an authorization authentication apparatus, wherein the authorization authentication apparatus is configured to: establish a communication connection with the identify recognition apparatus via a biological limb after the biological limb enters a preset range of the authorization authentication apparatus; receive information to be authorized transmitted by the identify recognition apparatus through the communication connection, wherein the information to be authorized comprises digital authentication information; collect biological characteristic information of the biological limb within a duration in which the biological limb enters the preset range of the authorization authentication apparatus; and acquire an authentication result of authentication of the digital authentication information and the biological characteristic information, and perform an authorization operation when the authentication result of the authentication of the digital authentication information and the biological characteristic information is passing the authentication, the identify recognition apparatus is configured to transmit the information to be authorized to the authorization authentication apparatus through the communication connection; wherein the information to be authorized further comprises identification information, and the authorization authentication apparatus is configured to: obtain authentication factor and biological characteristic verification information corresponding to the identification information; perform digital authentication on the digital authentication information by using the authentication factor and detecting a matching ratio between the biological characteristic verification information and the biological characteristic information; and determining that the authentication result passes the authentication when the digital authentication information passes the digital authentication and the matching ratio is greater than a preset value; wherein the authorization authentication apparatus is further configured to: when the digital authentication information comprises electronic signature information obtained by signing with a private key, and the authentication factor comprises a public key for performing verification on the electronic signature information, perform the verification on the electronic signature information by using the public key; and/or when the digital authentication information comprises a MAC value calculated by using a symmetric key, and the authentication factor comprises the symmetric key for calculating the MAC value, calculate a MAC check value by using the symmetric key and verify the MAC value and the MAC check value; and/or when the digital authentication information comprises a dynamic password generated by using a seed key, and the authentication factor comprises the seed key for verifying the dynamic password, perform the verification on the dynamic password by using the seed key.
12. The system according to claim 11 , further comprising: a background, configured to receive the biological characteristic information and the digital authentication information transmitted by the authorization authentication apparatus, perform authentication on the digital authentication information and the biological characteristic information to obtain an authentication result, and transmit the authentication result to the authorization authentication apparatus.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
March 6, 2017
September 22, 2020
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.